package com.mrd.config;

import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;

import javax.servlet.Filter;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import com.mrd.modules.shiro.CustomFormAuthenticationFilter;
import com.mrd.modules.shiro.CustomRealm;
import com.mrd.modules.shiro.RedisSessionDAO;

/**
 * Shiro配置
 *
 * @author han
 */
@Configuration
public class ShiroConfig {

  @Bean("sessionManager")
  public SessionManager sessionManager(
      @Qualifier("redisSessionDAO") RedisSessionDAO redisSessionDAO) {
    DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
    sessionManager.setSessionValidationSchedulerEnabled(true);
    sessionManager.setSessionDAO(redisSessionDAO);

    sessionManager.setGlobalSessionTimeout(60 * 60 * 1000);
    // sessionManager.setSessionValidationSchedulerEnabled(true);
    sessionManager.setSessionIdUrlRewritingEnabled(false);
    return sessionManager;
  }

  @Bean("securityManager")
  public SecurityManager securityManager(@Qualifier("customRealm") CustomRealm customRealm,
      SessionManager sessionManager) {
    DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
    securityManager.setRealm(customRealm);
    securityManager.setSessionManager(sessionManager);

    return securityManager;
  }

  @Bean("shiroFilter")
  public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
    ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
    shiroFilter.setSecurityManager(securityManager);
    shiroFilter.setLoginUrl("/login");
    shiroFilter.setSuccessUrl("/manage");
    shiroFilter.setUnauthorizedUrl("/login");
    // oauth过滤
    Map<String, Filter> filters = new HashMap<>();
    filters.put("oauth2", new CustomFormAuthenticationFilter());
    shiroFilter.setFilters(filters);

    Map<String, String> filterMap = new LinkedHashMap<>();
    filterMap.put("/webjars/**", "anon");
    filterMap.put("/druid/**", "anon");
    filterMap.put("/api/**", "anon");
    filterMap.put("/static/**", "anon");
    filterMap.put("/sys/login", "anon");
    filterMap.put("/**/*.css", "anon");
    filterMap.put("/**/*.js", "anon");
    filterMap.put("/fonts/**", "anon");
    filterMap.put("/plugins/**", "anon");
    filterMap.put("/swagger/**", "anon");
    filterMap.put("/favicon.ico", "anon");
    filterMap.put("/captcha.jpg", "anon");
    filterMap.put("/logout", "logout");
    filterMap.put("/login", "anon");
    filterMap.put("/*", "oauth2");
    shiroFilter.setFilterChainDefinitionMap(filterMap);

    return shiroFilter;
  }

  @Bean("lifecycleBeanPostProcessor")
  public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
    return new LifecycleBeanPostProcessor();
  }

  @Bean
  public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
    DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
    proxyCreator.setProxyTargetClass(true);
    return proxyCreator;
  }

  @Bean
  public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(
      SecurityManager securityManager) {
    AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
    advisor.setSecurityManager(securityManager);
    return advisor;
  }

}
